Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2016-1265 | Information Exposure vulnerability in Juniper Junos Space A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery (CSRF), default authentication credentials, information leak and command injection attack vectors. | 9.8 |
| 2017-10-13 | CVE-2016-1261 | Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS). | 8.8 |
| 2017-07-17 | CVE-2017-2349 | Command Injection vulnerability in Juniper Junos A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges. | 8.8 |
| 2017-07-17 | CVE-2017-2348 | Resource Exhaustion vulnerability in Juniper Junos The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. | 7.5 |
| 2017-07-17 | CVE-2017-2347 | Improper Input Validation vulnerability in Juniper Junos A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. | 7.5 |
| 2017-07-17 | CVE-2017-2346 | Unspecified vulnerability in Juniper Junos An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). | 5.9 |
| 2017-07-17 | CVE-2017-2345 | Improper Input Validation vulnerability in Juniper Junos On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. | 9.8 |
| 2017-07-17 | CVE-2017-2344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. | 7.8 |
| 2017-07-17 | CVE-2017-2343 | Use of Hard-coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49 The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. | 9.8 |
| 2017-07-17 | CVE-2017-2342 | Unspecified vulnerability in Juniper Junos 15.1X49 MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. low complexity juniper | 8.1 |